devel/bacon: update to 3.23.0
- scroll_anchor decides whether the scroll initially sticks with the first item (most common setting),
with the last one, or to show most recent output lines unless there are errors in which case it show
first items (by default in run jobs with auto) - Fix #384
If you're using an old bacon.toml file, you may want to add scroll_anchor="auto" to jobs running
the compiled executable.
- show_command_error_code job parameter, which is true in default cargo run job - Fix #435
When calling a lint or compilation tool, the exit status is usually not interesting: many tools report
an error (i.e. a non zero code) as soon as there's an error, or even a warning (eg miri).
That's why the error code isn't shown in bacon when there are also warnings, errors or test failures.
But sometimes you do want to see such error, eg when running not just the compiler/linter but the program
you're writing as in bacon run. In such case, you should set show_command_error_code=true.
- fix a log message from the rodio library leaking to the interface - Fix #437 - Thanks @c-git
When a user requires the ignoring of some/folder, they usually wants to ignore the content of that folder.
So now we also generate a pattern with added /** when it seems relevant. - Fix #438
crypto(4): Nix spurious mutex_exit; add missing bounds checks.
Consistently use `foo = kmem_alloc(n * sizeof(*foo), ...)' instead of
`sizeof(struct whatever_foo_is)'. Makes it easier for a reader to
notice a discrepancy this way.
Move CRYPTODEV_OPS_MAX to cryptodev_internal.h so it can be used by
the compat ocryptodev.c shims too. I think this is waaaaaaaaaaaaay
too high, by the way. For example, it looks like qat(4) puts a limit
of 16384 on the number of sessions. Other devices like hifn(4) look
like they're limited to numbers of sessions ranging from 2 to around
256.
PR kern/60281: crypto(4): bugs in reference counting and test
adguardhome: updated to 0.107.75
0.107.75
We’ve fixed a critical vulnerability affecting DNS-over-QUIC and DNS-over-HTTPS
that could put your DNS privacy at risk. The gap is now closed, and your
encrypted traffic is back to traveling through a properly armored tunnel.
py-mail-parser: updated to 4.2.1
4.2.0
Use uv to manage packages
Support for .id and .by top level domains in parse_received
Fixed issue Parser behaving different on Linux vs Windows
Bump pypa/gh-action-pypi-publish from 1.5.1 to 1.13.0 in /.github/workflows
General improvements
Issue 146: Fix comma in encoded address header
Refactor received header parsing: replace regex list with RFC 5321 to…
py-python-discovery: updated to 1.3.1
Bug fixes - 1.3.1
- export normalize_isa and deprecate KNOWN_ARCHITECTURES
- discover uv-managed Pythons on Windows. Previously the glob assumed Unix layout (``<root>/<key>/bin/python``) and
silently found nothing on Windows, where uv places ``python.exe`` directly under the install root
- Canonicalize GraalVM to match GraalPy Python interpreter in PythonSpec and PythonInfo.
nginx: Update to 1.30.1.
Changes with nginx 1.30.1 13 May 2026
*) Security: when using the "proxy_set_body" directive, an attacker
might inject data in the proxied request to an HTTP/2 backend
(CVE-2026-42926).
Thanks to Mufeed VH of Winfunc Research.
*) Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_rewrite_module, potentially resulting in arbitrary code
execution (CVE-2026-42945).
Thanks to Leo Lin.
*) Security: a heap memory buffer overread might occur in a worker
process while handling a specially crafted response by
ngx_http_scgi_module or ngx_http_uwsgi_module, allowing an attacker
to cause a disclosure of worker process memory or segmentation fault
[27 lines not shown]
shells/oh-my-posh: update to 29.14.0
Bug Fixes
- cli: check upgrade cache key in notice command (e59a704)
- cli: use idiomatic ok and always close cache in notice (3428861)
- cmd: defer notice to first prompt in Clink (2e68186), closes #7524
Features
- cli: add copilot command and copilot_cli segment (7bb5ba7)
- upgrade: unlock oh-my-posh upgrade on FreeBSD (58c5598)
crypto(4): Omit needless locking in fcrypt_dtor.
We must have exclusive access to the object for this function to work
at all, so if removing the locks appeared to cause issues, it would
necessarily happen only because there is a bug somewhere else.
PR kern/60281: crypto(4): bugs in reference counting and test
crypto(4): Disentangle initialization and attachment goo.
Lotta unnecessary boilerplate deleted here!
Disable module unloading: can't be done safely. Explain precisely
why it can't be done safely.
This also fixes annoying `crypto: unable to register devsw, error 17'
messages in rump dmesg by having exactly one path to devsw_attach.
PR kern/60281: crypto(4): bugs in reference counting and test
crypto(4): Fix missing membars on reference count release.
If two threads A and B both hold references, we need to ensure that
memory ops in thread A happen before memory free in thread B in:
thread A thread B notes
-------- -------- -----
memory ops
atomic_dec(&refcnt) goes from 2 to 1
atomic_dec(&refcnt) goes from 1 to 0
memory free
This requires a membar_release in thread A before the atomic_dec (or
atomic_dec with memory_order_release), and a membar_acquire in thread
B after the atomic_dec is found to have brought the reference count
down to zero (or atomic_dec wiht memory_order_acquire).
kern/60281: crypto(4): bugs in reference counting and test
crypto(4): Take reference _before_ releasing the lock.
Otherwise nothing ensures the object will still exist by the time we
try to take the reference.
Also guard against too many references, since this is only a 32-bit
reference count.
PR kern/60281: crypto(4): bugs in reference counting and test
crypto(4): Make test more reliable, and test more.
1. New thread to concurrently create and destroy sessions.
(There should really be multiple threads to concurrently compete
with each other to create and destroy sessions, but this is
already surfacing more crashes, as I expected.)
2. Handle EBUSY in CIOCFSESSION in case there is a concurrent
CIOCCRYPT, as we are trying to test.
3. Handle CIOCCRYPT failure if a concurrent CIOCFSESSION beat us to
it, as we are trying to test
4. Dump core if the threads get stuck for too long.
5. Provide stack traces from the test program or rump server if they
dump core.
PR kern/60281: crypto(4): bugs in reference counting and test
kitty: update to 0.47.0
- A new Drag and drop kitten to allow drag and drop of files from
your shell to any GUI program even across SSH
- A new option palette_generate to automatically generate the 256
color palette from the first 16 colors
- For builtin key mappings automatically fallback to matching the
US-PC layout key when the pressed key has no matches and is a
non-English character
- Allow drag and drop of windows to re-arrange them, move them to
another tab/OS Window or detach them into a new OS Window. See
toggle_window_title_bars to temporarily show window title bars to
drag them around
- Have scroll_line_up and scroll_line_down smooth scroll by default.
Can be restored to old behavior by re-mapping without the smooth
argument
- Draw a progress bar at the top of the window when a program
reports progress using the OSC 9;4 escape sequence, controlled by
progress_bar
[94 lines not shown]
lang/ruby40: update to 4.0.4
pkgsrc change:
* Fix rdoc problem on C locale, backported from rdoc-7.0.4.
(So, no need to patch a template file to character entity reference.)
Ruby 4.0.4 (2026-05-11)
* Bug #21955: Fiber#transfer: machine stack not released when fiber
terminates, causing FiberError: can't set a guard page
* Bug #21964: Fiber stack acquire can expand unnecessarily
* Bug #21971: Fix regexp performance regression for patterns starting with
s/k
* Bug #21961: Marshal.load freeze option fail to freeze linked strings
* Bug #21959: rb_internal_thread_event_hooks_rw_lock is not reinitialized
after fork causing deadlocks
* Bug #21954: NoMethodError instead of Gem::LoadError on gem activation
problem in Ruby 4.0.2
[16 lines not shown]
